Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow to specify project in build endpoint of webhook proxy #229

Closed
michaelsauter opened this issue Nov 11, 2019 · 0 comments · Fixed by #231
Closed

Allow to specify project in build endpoint of webhook proxy #229

michaelsauter opened this issue Nov 11, 2019 · 0 comments · Fixed by #231
Assignees
@michaelsauter
Labels
enhancement New feature or request

Comments

@michaelsauter
Copy link
Member

michaelsauter commented Nov 11, 2019
edited
Loading

The webhook proxy allows (with a minor exception for the prov app) only to manage/proxy within it's own project. This is good for security, but when Rundeck is gone, we need to access (at least read from) the opendevstack namespace as well.

PR #227 added a hack to master to allow building any URI. That should be reverted, and instead we should allow to build only for the current namespace and whatever is configured via a new env var ALLOWED_EXTERNAL_PROJECTS, which, if not set, defaults to opendevstack. The build endpoint payload then has to learn a new field, project, which allows to specify a project where the repository is located.

@kiwo I'll implement this in the next few days, you'll need to update your PR to the provisioning app then.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@michaelsauter michaelsauter

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Allow to configure external projects BIX-Digital/ods-core
1 participant
@michaelsauter